Return of the Comments

COMMENTS WARS

In all seriousness, this post is to officially announce my Luke and
Leia, Commentable and CommentBucket, the behaviors that drive my
implementation of user-submitted comments
for RadiantCMS. As a teaser,
here's how I made it look on my testing platform, which is the "Styled
Blog" that comes with Radiant.

Now, to satiate your curiosity, you can download the behaviors as
a zip
file. I haven't put it on a Subversion repository yet, although
I'll probably figure out TextDrive's svn and put it up later. In the
meantime...

Commentable/CommentBucket HowTo

To use the Commentable/CommentBucket behavior, first download the
files and place all three .rb files in
your [RADIANT_HOME]/app/behaviors directory. If Radiant
is running, restart it.

Load the admin interface. For a page that you wish to have
comments, set the behavior to Commentable. Now your page can receive
comments once you add the proper tags. I recommend putting the tags
into a snippet and including that snippet in your page via a layout or
another part. A layout is probably best because you don't have to
type it each time. Here's the snippet I used for the screenshot above
(not everything is in the screenshot of course).

For more information about what each tag does (although I think
they're pretty self-explanatory), please look
at commentable_behavior.rb.

Security

All information passed into the behaviors is HTML-escaped to avoid
XSS and other nastiness. You can, however, allow any filter available
to RadiantCMS on the text via the "config" part. You may also set the
initial state of new comments through the "config" part (look
at app/models/status.rb for clues on what number to use).
Here's a sample:

status:100filter:Textile

This will make all new comments published immediately, and their
message bodies filtered with Textile. Make sure to set this
information BEFORE the first comment is posted, otherwise, it will
have to be modified in the "Comments" child.

But what about CAPTCHAs?

For this initial release, I didn't include any CAPTCHA, although
that is high on my list. I primarily chose not to because

Not everyone has the captcha gem. I can't test the
gem on win32 anyway. It's also poorly maintained (sorry
Jamis!).

The validates-captcha plugin doesn't do exactly
what I need.

I couldn't find any good, reliable, secure algorithms for
generating a CAPTCHA with RMagick.

I'd love it if someone can point me to a good algorithm that works
with RMagick. In the meantime, we'll have to do without CAPTCHA.

Legal junk

As with any software I have released, I didn't attach a license.
I'd appreciate you letting me know when you make any enhancements or
squash any bugs. That's all!

Tada!

NB: This site no longer uses Radiant and
many comments are disabled.As a gesture of goodwill to you,
my fellow citizens, I have enabled comments on this page.
Please contact me or leave a comment if you
experience trouble with the plugin or my page. Thanks!